RHEL 6 : Red Hat OpenShift Enterprise 1.1 update (Important) (RHSA-2013:0220)

low Nessus Plugin ID 119431

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0220 advisory.

Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

Refer to the Red Hat OpenShift Enterprise 1.1 Release Notes for information about the changes in this release. The Release Notes will be available shortly from https://access.redhat.com/knowledge/docs/

This update also fixes the following security issues:

It was found that the master cryptographic key of Jenkins could be retrieved via the HTTP server that is hosting Jenkins. A remote attacker could use this flaw to access the server and execute arbitrary code with the privileges of the user running Jenkins. Note that this issue only affected Jenkins instances that had slaves attached and that also allowed anonymous read access (not the default configuration). Manual action is also required to correct this issue. Refer to Jenkins Security Advisory 2013-01-04, linked to in the References, for further information.
(CVE-2013-0158)

When the rhc-chk script was run in debug mode, its output included sensitive information, such as database passwords, in plain text. As this script is commonly used when troubleshooting, this flaw could lead to users unintentionally exposing sensitive information in support channels (for example, a Bugzilla report). This update removes the rhc-chk script.
(CVE-2012-5658)

Multiple flaws in the Jenkins web interface could allow a remote attacker to perform HTTP response splitting and cross-site scripting (XSS) attacks, as well as redirecting a victim to an arbitrary page by utilizing an open redirect flaw. (CVE-2012-6072, CVE-2012-6074, CVE-2012-6073)

A flaw was found in the way rubygem-activerecord dynamic finders extracted options from method parameters. A remote attacker could possibly use this flaw to perform SQL injection attacks against applications using the Active Record dynamic finder methods. (CVE-2012-6496)

The openshift-port-proxy-cfg program created a temporary file in an insecure way. A local attacker could use this flaw to perform a symbolic link attack, overwriting an arbitrary file accessible to the root user with a 0 or a 1, which could lead to a denial of service. By default, OpenShift uses polyinstantiation (per user) for the /tmp/ directory, minimizing the risk of exploitation by local attackers. (CVE-2013-0164)

The CVE-2013-0164 issue was discovered by Michael Scherer of the Red Hat Regional IT team.

Users of Red Hat OpenShift Enterprise 1.0 are advised to upgrade to Red Hat OpenShift Enterprise 1.1.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?0f8bc6d8

http://www.nessus.org/u?cecef8bb

https://access.redhat.com/errata/RHSA-2013:0220

https://access.redhat.com/knowledge/docs/

https://access.redhat.com/security/updates/classification/#important

https://bugzilla.redhat.com/show_bug.cgi?id=855264

https://bugzilla.redhat.com/show_bug.cgi?id=864921

https://bugzilla.redhat.com/show_bug.cgi?id=872415

https://bugzilla.redhat.com/show_bug.cgi?id=873765

https://bugzilla.redhat.com/show_bug.cgi?id=873768

https://bugzilla.redhat.com/show_bug.cgi?id=874511

https://bugzilla.redhat.com/show_bug.cgi?id=874750

https://bugzilla.redhat.com/show_bug.cgi?id=874751

https://bugzilla.redhat.com/show_bug.cgi?id=874757

https://bugzilla.redhat.com/show_bug.cgi?id=874799

https://bugzilla.redhat.com/show_bug.cgi?id=874845

https://bugzilla.redhat.com/show_bug.cgi?id=875657

https://bugzilla.redhat.com/show_bug.cgi?id=876324

https://bugzilla.redhat.com/show_bug.cgi?id=876465

https://bugzilla.redhat.com/show_bug.cgi?id=876644

https://bugzilla.redhat.com/show_bug.cgi?id=876937

https://bugzilla.redhat.com/show_bug.cgi?id=876939

https://bugzilla.redhat.com/show_bug.cgi?id=877158

https://bugzilla.redhat.com/show_bug.cgi?id=877407

https://bugzilla.redhat.com/show_bug.cgi?id=883527

https://bugzilla.redhat.com/show_bug.cgi?id=885587

https://bugzilla.redhat.com/show_bug.cgi?id=885598

https://bugzilla.redhat.com/show_bug.cgi?id=886159

https://bugzilla.redhat.com/show_bug.cgi?id=888043

https://bugzilla.redhat.com/show_bug.cgi?id=888056

https://bugzilla.redhat.com/show_bug.cgi?id=888671

https://bugzilla.redhat.com/show_bug.cgi?id=889062

https://bugzilla.redhat.com/show_bug.cgi?id=889088

https://bugzilla.redhat.com/show_bug.cgi?id=889095

https://bugzilla.redhat.com/show_bug.cgi?id=889125

https://bugzilla.redhat.com/show_bug.cgi?id=889649

https://bugzilla.redhat.com/show_bug.cgi?id=890607

https://bugzilla.redhat.com/show_bug.cgi?id=890608

https://bugzilla.redhat.com/show_bug.cgi?id=890612

https://bugzilla.redhat.com/show_bug.cgi?id=892781

https://bugzilla.redhat.com/show_bug.cgi?id=892795

https://bugzilla.redhat.com/show_bug.cgi?id=892990

https://bugzilla.redhat.com/show_bug.cgi?id=893288

https://bugzilla.redhat.com/show_bug.cgi?id=893307

https://bugzilla.redhat.com/show_bug.cgi?id=893895

https://bugzilla.redhat.com/show_bug.cgi?id=896406

Plugin Details

Severity: Low

ID: 119431

File Name: redhat-RHSA-2013-0220.nasl

Version: 1.9

Type: local

Agent: unix

Published: 12/6/2018

Updated: 3/20/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

Vendor

Vendor Severity: Important

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2012-6496

CVSS v3

Risk Factor: Low

Base Score: 3.7

Temporal Score: 3.4

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2013-0158

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-node, cpe:/o:redhat:enterprise_linux:6, p-cpe:/a:redhat:enterprise_linux:jenkins, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-controller, p-cpe:/a:redhat:enterprise_linux:mongodb, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-ruby-1.8, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-common, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker-util, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-devel, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-ruby-1.9-scl, p-cpe:/a:redhat:enterprise_linux:rubygem-activerecord, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-console, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-msg-broker-mcollective, p-cpe:/a:redhat:enterprise_linux:openshift-origin-broker, p-cpe:/a:redhat:enterprise_linux:openshift-origin-msg-node-mcollective, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activerecord, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-auth-remote-user, p-cpe:/a:redhat:enterprise_linux:ruby193-mod_passenger, p-cpe:/a:redhat:enterprise_linux:libmongodb, p-cpe:/a:redhat:enterprise_linux:openshift-console, p-cpe:/a:redhat:enterprise_linux:openshift-origin-port-proxy, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-activerecord-doc, p-cpe:/a:redhat:enterprise_linux:mongodb-server, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-doc, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-dns-bind, p-cpe:/a:redhat:enterprise_linux:mongodb-devel, p-cpe:/a:redhat:enterprise_linux:openshift-origin-node-util, p-cpe:/a:redhat:enterprise_linux:rhc, p-cpe:/a:redhat:enterprise_linux:rubygem-openshift-origin-console-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:openshift-origin-cartridge-haproxy-1.4

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/31/2013

Vulnerability Publication Date: 1/3/2013

Reference Information

CVE: CVE-2012-5658, CVE-2012-6072, CVE-2012-6073, CVE-2012-6074, CVE-2012-6496, CVE-2013-0158, CVE-2013-0164

BID: 58168, 58169

CWE: 377, 79, 89

RHSA: 2013:0220